As I have been dealing more and more with web page related security I have found the need for a tool that can crawl a web page and search for potential malicious data.
Many of you might already know urlquery.net and the services they provide. It is a great site which loads your web page and tries to find malicious content which might not be visible to the end user.
It does this by loading the web page in firefox, and passing the traffic through Snort, and a couple of other analysis engines. It will also create a graph over the HTTP requests as well as a and overview over the HTTP headers.

Having a real Firefox, with real plugins loading your site proves to be very useful as more and more malware is getting quite sneaky, and will only serve malware to a very limited amount of visitors to avoid detection.

All these features is gold for anyone working with web page security (eg. a hosting provider).

The only problem for me is that urlquery.net isnt open source, which means that every test I do will become public, which I might not be ready for.

I looked into Thug, but lacking a web interface/report viewing interface, I did not find it perfect enough for my use.
I had therefore to create something on my own.
This has resulted in FjoSpidie, a now Open Source Spider/Honey Client.

This spider runs Firefox through Selenium and records the traffic with tcpdump which is passed through Snort to search for known, malicious content.

This is a very short, and “simple” explanation how i made Spotify 0.4 play local MP3 files under Linux with Wine.
I have not tested this elsewhere, and i can not guarantee that everyone has to do the same steps as me.

If you want to try my finished file you can download it here: winemp3.acm.so (x86 only)
Place it in /usr/lib/wine/ (x86) or /usr/lib32/wine/ (x64).

Or if you need to do things a tad more automatic you can try this script which will do everything automatically for the ones of you on x86: winefix.sh

For those of you who want the technical details: continue reading 🙂

You should try and skip step 3 if possible, but if Spotify just hangs and max out your CPU you should do step 3.

You can also use an hex editor to change WINE-MPEG3 to LAME-MPEG3 in /usr/lib/wine/winemp3.acm.so to try before doing the, for me, crucial step number three.